EP3669562B1 - Method for commissioning and personalizing a subscriber identity module - Google Patents
- Publication number
- EP3669562B1 (EP18762763.3A)
- Authority
- EP
- European Patent Office
- Prior art keywords
- individual
- subscriber identity
- identity module
- unique
- secret key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/069—Authentication using certificates or pre-shared keys
- H04W8/265—Network addressing or numbering for mobility support for initial activation of new user
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/0431—Key distribution or pre-distribution; Key agreement
- H04W12/35—Protecting application or service provisioning, e.g. securing SIM application provisioning
- H04W12/72—Subscriber identity
- H04W8/205—Transfer to or from user equipment or user record carrier
- H04W8/245—Transfer of terminal data from a network towards a terminal
- H04W12/06—Authentication
- H04W12/40—Security arrangements using identity modules
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
Definitions
- the invention relates to a method for putting into operation and personalizing a subscriber identity module in a mobile radio network, in which the subscriber identity module does not contain an individual, unique parameter data record, comprising at least one individual subscriber identification and one individual secret key, before it is first put into operation in the mobile radio network, and only after it is put into operation for the first time is equipped with an individual, unambiguous parameter data set of final identification and authentication parameters in the mobile network.
- Mobile radio-capable end devices communicate via cellphone networks. Smartphones and mobile phones are among the classic mobile radio-capable end devices - or equivalently mobile radio end devices.
- Mobile radio-capable end devices also include control devices (control devices or measuring devices or combined control/measuring devices) for industrial facilities in the commercial or private environment.
- Industrial facilities are, for example, production facilities that have one or more control devices (terminals) that can communicate with a background system and/or with one another via a mobile radio network.
- Other industrial facilities are smart home facilities such as heaters or electricity consumers with end devices in the form of control devices.
- In order to use a mobile radio-capable end device, such as a smartphone or mobile phone, in a mobile radio network of a network operator, the end device contains a subscriber identity module with a subscription profile, or profile for short.
- the profile manages the configuration of the terminal and the connection of the terminal in the mobile network.
- the profile includes an individual parameter data record that enables the establishment, operation and termination of a connection of the terminal device in the mobile network, and includes, for example, a cryptographic authentication key Ki (also known as a secret key) and an individual International Mobile Subscriber Identity IMSI (subscriber identification).
- SIM: Subscriber Identity Module
- USIM: Universal SIM
- UICC: Universal Integrated Circuit Card
- the infrastructure of a mobile network operator includes a large number of servers, generally referred to below as mobile server.
- the cellular servers functionally include production servers used in the production of subscriber identity modules, eg, personalization servers and other production servers to personalize subscriber identity modules in production.
- Such production servers also personalization servers
- the mobile radio servers also include operating and provisioning servers that are used when a subscriber identity module is already in use in the field at a customer, eg an end customer or user of a mobile radio terminal (eg smartphones).
- Operational servers are used, for example, for normal operations such as telephone calls.
- Provisioning servers are used to send data to subscriber identity modules already in the field, for example when a subscriber identity module is first put into operation, or later.
- an individual parameter data record comprising in particular an individual subscriber identification IMSI and an individual cryptographic secret key (authentication key) Ki
- an individual parameter data record is already programmed into the subscriber identity module by a personalization server during the production of the subscriber identity module.
- Correctly assigned subscriber identifications IMSI and secret key Ki are registered with the mobile radio server. If a subscriber identity module with an unregistered subscriber identification IMSI reports to the mobile radio server in this system, the report is not accepted.
- It is necessary for the mobile radio server to register a large number of IMSI subscriber identifications in reserve, even if the subscriber identity modules which correspond to the IMSI subscriber identifications are not yet in operation.
- WO 2009/141035 A1 discloses a method for commissioning and personalizing a subscriber identity module (there called subscriber identification module) in a mobile network, in which a large number of subscriber identity modules before initial commissioning with identical, non-individual, non-unique generic, initial parameter data sets of initial identification and authentication parameters are equipped, which contain at least one non-individual and provisional subscriber identification IMSI and a non-individual and provisional secret key Ki.
- Ki non-individual and provisional secret key
- US8571537B2 from the prior art proposes a similar method for commissioning and personalization of a subscriber identity module EP2283666B1 from the same patent family.
- In US8571537B2, the method also starts with a large number of subscriber identity modules with identical, non-individual, non-unique generic, initial parameter data sets.
- subscriber identity modules that are already programmed during production with an individual parameter data set are therefore more secure in the respect described, at the cost of slower production.
- the invention is based on the object of creating a method for the commissioning and personalization of subscriber identity modules which enables the subscriber identity modules to be produced as efficiently as possible and also offers the highest possible level of security.
- the method according to claim 1 is set up for the commissioning and personalization of a subscriber identity module in a mobile radio network.
- Before it is put into operation for the first time in the mobile radio network, the subscriber identity module does not yet have an individual, unambiguous parameter data record.
- Such an individual, unambiguous parameter data record comprises at least one individual subscriber identification IMSI and one individual secret key Ki.
- the subscriber identity module is only provided with an individual, unambiguous parameter data record after or when it is first put into operation (by a customer who has purchased the subscriber identity module) in the mobile radio network. Only the individual, unambiguous parameter data set, comprising an individual subscriber identification IMSI and an individual secret key Ki, enables permanent operation of a mobile radio terminal, in which the subscriber identity module is operated, in a mobile radio network.
- the method has the advantage over subscriber identity modules that are already completely personalized in production with an individual subscriber identification IMSI and an individual secret key Ki that in production one and the same secret key can be programmed into all subscriber identity modules of a batch or group under consideration, without individual programming of each subscriber identity module with an individual secret key. This allows an accelerated production of the subscriber identity modules.
- the management of secret keys is simplified since initially there is only a single generic non-individual secret key.
- the provision of an individual subscriber identification IMSI in the subscriber identity module before it retrieves its own individual secret key from the mobile radio server based on the non-individual secret key also prevents any duplication of the parameter data set in order to produce counterfeit or cloned subscriber identity modules.
- With a parameter data set in which both the subscriber identification IMSI and the secret key are non-individual, duplication is possible a priori.
- the provisional parameter data record according to the invention thus offers improved protection and security against forgery or cloning of subscriber identity modules.
- a method for the commissioning and personalization of a subscriber identity module in a mobile radio network is created, which enables the subscriber identity modules to be produced as efficiently as possible and also offers the highest possible level of security.
- After the individual, unique, final secret key has been received at the subscriber identity module, it is programmed into the subscriber identity module in order to provide the subscriber identity module with the final, individual, unique parameter data set.
- the subscriber identity module is now equipped for permanent operation in the mobile network.
- the preliminary parameter data record allows an individual secret key to be downloaded into the subscriber identity module using the authentication cycle according to step b), but not permanent operation of the subscriber identity module, or of a mobile radio terminal equipped with the subscriber identity module, in the mobile radio network.
- the provisional parameter data set allows only a single (successfully completed) authentication cycle according to step b), and can then no longer be used.
- the authentication cycle according to step b) can optionally consist of the two communication steps b1) and b2) described above between the subscriber identity module and the mobile radio server.
- the authentication cycle can alternatively consist of four (or more) communication steps between the subscriber identity module and the mobile radio server.
- communication step b2) can comprise several communication sub-steps, and the final individual secret key is only transmitted to the subscriber identity module in the last communication sub-step.
- the subscriber identity module is already programmed during production with the provisional parameter data set (individual subscriber identification IMSI, non-individual secret key (e.g. group key)).
- the subscriber identity module is first programmed with an initial parameter data set (non-individual subscriber identification, non-individual secret key (eg group key)).
- the initial parameter data set is preferably already programmed in during production.
- the provisional parameter data record (individual subscriber identification IMSI, non-individual secret key (eg group key)) is only programmed into the subscriber identification in a preparatory, singular authentication cycle
- the initial parameter data set allows the subscriber identity module only a single (successfully completed) authentication cycle, in which an individual subscriber identification is downloaded from the mobile radio server into the subscriber identity module.
- At least the initial parameter data record enables an individual subscriber identification to be downloaded from the mobile radio server into the subscriber identity module, but no permanent operation of the subscriber identity module for authentication in the mobile radio network.
- a provisional parameter data set is set up in the subscriber identity module based on an initial, completely non-individual generic parameter data set, in which the subscriber identification IMSI is already individual, but the secret key is not yet.
- an individual secret key can be loaded into a subscriber identity module prepared in this way, in particular after the provisional parameter data set has also been registered with the responsible mobile radio server, in order to completely individualize the subscriber identity module and thus completely personalize it.
- an individual, unambiguous subscriber identification IMSI received from the mobile radio server and the non-individual, non-unique provisional secret key that was already present are combined into a preliminary parameter data set.
- the provisional parameter data record is preferably also registered with a mobile radio server.
- the individual, unique, final secret key can be loaded from the mobile radio server into the subscriber identity module in a subsequent step using the provisional parameter data record.
- the initial parameter data set allows only the individual subscriber identification to be downloaded, and the preliminary parameter data set only enables the individual secret key to be downloaded. Neither the initial parameter data set nor the preliminary parameter data set enables permanent operation of the subscriber identity module for authentications in the mobile network, as are carried out, for example, in standard activities such as telephoning and mobile data connections in the mobile network.
- the method further includes, following the steps of receiving according to b1 or d1 and positive verification according to b2 or d2, at the mobile radio server: registering the individual, unique subscriber identification for the subscriber identity module as the final unique subscriber identification associated with the subscriber identity module.
- It is therefore possible for the mobile radio server to register the individual, unique subscriber identification IMSI only when the subscriber identity module registers with the individual, unique subscriber identification in the mobile radio network for the first time.
- the registration step or steps ensure that the subscriber identity module with its individual parameters subscriber identification IMSI and/or secret key Ki is managed as a known, registered subscriber identity module. Only subscriber identity modules for which a complete, individual, final parameter data record is registered with the cellular server can permanently participate in communication in the cellular network and enable or carry out authentications in the cellular network.
- the function of the non-individual secret key is a group key for all subscriber identity modules that contain a preliminary or initial parameter data set with the non-individual secret key.
- group keys can be provided for several groups of subscriber identity modules.
- all subscriber identity modules associated with the same mobile network operator have the same group key.
- Subscriber identity modules from other network operators have different group keys.
- all subscriber identity modules which are assigned to the same mobile radio network operator and which are thereby assigned to a specific batch of subscriber identity modules have the same group key.
- subscriber identity modules from the same network operator, belonging to other batches have different group codes.
- a batch may include all subscriber identity modules that have been produced or placed on the market within a certain period of time (eg, 1 week, 1 month, 1 year, etc.).
- the provisional parameter data record a) contains a provisional group key from a plurality of group keys as a provisional secret key. Each group is assigned its own group key from the plurality of group keys.
- the cellular server has all of the group keys from the plurality of group keys.
- the individual, unique subscriber identification according to a1) and, if applicable, the identical, non-individual, non-unique initial subscriber identification according to c1) (each) contain group key information from which it can be derived which group key the subscriber identification is assigned to.
- an authentication message that the subscriber identity module sends to the mobile server is verified at the mobile server. Only after positive verification may the final individual secret key be sent to the subscriber identity module.
- step b2) verifying the authentication message according to predetermined criteria, includes the following sub-steps carried out at the mobile radio server: b2-1) extracting the non-individual, non-unique provisional secret key from the authentication message; b2-2) verifying the non-individual, non-unique temporary secret key extracted according to b2-1). If the extracted non-individual, non-unique temporary secret key cannot be positively verified, then this secret key is not an authorized mobile server secret key and the subscriber identity module is rejected and not further personalized. If the preliminary secret key is positively verified, it is an authorized mobile server secret key and the personalization of the subscriber identity module proceeds.
- the final individual secret may be sent to the subscriber identity module immediately in response to positive verification of the authentication message.
- It is necessary for the subscriber identity module to send a further, second authentication message to the mobile radio server, and for this further, second authentication message also to be positively verified. Only then does the cellular server send the final secret key to the subscriber identity module.
- After the valid participant identification has been registered with the mobile server in step b3), according to sub-step b2-4) the mobile server receives from the subscriber identity module the second authentication message, formed with the individual, unique participant identification and the non-individual, non-unique provisional secret key.
- the mobile server verifies the second authentication message according to predetermined criteria, eg according to criteria as described for the authentication message.
- the mobile server sends the individual, unique, final secret key to the subscriber identity module. Finally, the secret key is then programmed into the subscriber identity module.
- the method optionally includes registering with the cellular server the individual unique final secret key for the subscriber identity module after it has been assigned to the subscriber identity module or after the secret key has been sent to the subscriber identity module.
- the mobile radio server is set up to carry out the verification of the authentication message according to step b2) for each individual, unique subscriber identification received in an authentication message according to step b1), in particular without a requirement that the individual, unique subscriber identification already be registered with the mobile server.
- the mobile server accepts every incoming, or at least every unknown, subscriber identification (IMSI), optionally apart from subscriber identifications that are expressly forbidden or blocked.
- the secret key used with the subscriber identification is decisive for whether the subscriber identification is accepted by the mobile radio server. If the secret key is positively verified, the subscriber identification is accepted and registered with the mobile server. Pre-registration of individual participant identifications that have already been assigned is not required. As a result, the administrative effort at the mobile radio server is reduced compared to servers with previously registered individual subscriber identifications.
- a mobile radio server is understood to mean a server which is set up to be able to carry out one or more personalization steps on a subscriber identity module.
- Personalization steps are, for example, sending an individual public key and/or an individual subscriber identification to a subscriber identity module.
- authentication may be required between the mobile server and the subscriber identity module.
- a cellular server used in production may be a different cellular server than a cellular server used to personalize a subscriber identity module already in the field.
- the mobile radio server is always referred to as the mobile radio server in terms of its function.
- the cellular server can be designed as a classic production personalization server. In the field, ie when the subscriber identity module is already in use by a customer (e.g.
- the cellular server can be designed as a single server.
- the mobile radio server can be internally structured into several servers with different tasks.
- the "cellular server" can include a data preparation server (data preparation) that prepares personalization data for sending to a subscriber identity module, and a secure transmission server (secure router) that sends personalization data to the subscriber identity module, per GSMA recommendations for remote provisioning of SIMs.
- the initial parameter data set is preferably introduced into the subscriber identity module during production of the subscriber identity module by a mobile radio server which is designed as a personalization server and which is located in a production environment.
- the provisional parameter data set can also already be introduced into the subscriber identity module during production of the subscriber identity module by a personalization server that is in a production environment.
- If an initial parameter data set is used, it is introduced into the subscriber identity module during production.
- the individual subscriber identification is only introduced into the subscriber identity module, and the preliminary parameter data record is thus set up in the subscriber identity module when the subscriber identity module is already in the field, at a customer in a mobile radio terminal.
- the preliminary parameter data set is preferably set up by a provisioning server in the subscriber identity module, e.g. by a GSMA provisioning server, optionally also by a provisioning server including data preparation server and secure router for the subtasks of data preparation and data transmission to the subscriber identity module.
- FIG. 1 shows a system illustrative of the invention comprising a subscriber identity module 1 operated in a mobile radio terminal, here a smartphone, and a mobile radio server 2.
- An initial parameter data set S1 in connection with the invention is completely non-individual and includes a non-individual subscriber identification IMSI-G (group IMSI) and a non-individual secret key Ki-G (group key), which are identical for a large number of subscriber identity modules 1.
- the initial parameter data record S1 can only be used to load an individual subscriber identification IMSI into the subscriber identity module 1.
- a provisional parameter data record S2 is set up in the subscriber identity module 1 by retrieving an individual subscriber identification IMSI in the subscriber identity module 1, starting from an initial parameter data record S1.
- a preliminary parameter data record S2 in connection with the invention includes an individual subscriber identification IMSI and a non-individual secret key Ki-G.
- the provisional parameter data set S2 can only be used to load an individual secret key Ki into the subscriber identity module 1 using the individual subscriber identification IMSI.
- a final parameter data record S3 is set up in the subscriber identity module 1 by retrieving an individual secret key Ki in the subscriber identity module 1, starting from a preliminary parameter data record S2.
- a final parameter data set S3 in connection with the invention includes an individual subscriber identification IMSI and an individual secret key Ki. Only a final parameter data set S3 enables regular, permanent operation of a mobile radio terminal with the subscriber identity module 1 in mobile radio networks, for example to make phone calls, call up websites on the Internet via the mobile radio interface, or transmit mobile data.
- the aim of exchanging the first two authentication messages N(S1), N(S2) or authentication cycles (a), (b) is to personalize the subscriber identity module 1 with two separate authentication cycles (a) (retrieval of an individual IMSI) and (b) (retrieval of an individual secret key Ki).
- the aim of the exchange of the third authentication message is authentication during normal operation of the subscriber identity module 1 in the mobile radio network.
- a completely unpersonalized subscriber identity module 1 contains an initial parameter data set S1, comprising an initial subscriber identification IMSI-G (e.g. a group IMSI) that is identical, non-individual and non-unique for a large number of subscriber identity modules, and a provisional secret key Ki-G (e.g. a group secret key) that is likewise identical, non-individual and non-unique for a large number of subscriber identity modules.
- IMSI-G: e.g. a group IMSI
- Ki-G: e.g. a group secret key
- the subscriber identity module 1 is now in the state shown in FIG. 3(b) and contains a preliminary parameter data record S2, comprising an individual subscriber identification IMSI and a non-individual, non-unique preliminary secret key Ki-G.
- If a subscriber identity module 1 set up according to FIG. 3(b) sends an authentication message N(S2) to a mobile radio server 2, then the authentication message N(S2) is formed with the provisional parameter data record S2.
- the mobile radio server 2 verifies the authentication message N(S2) and sends an individual secret key Ki to the subscriber identity module 1 after carrying out all the prescribed steps.
- the individual secret key Ki is programmed into the subscriber identity module 1.
- the subscriber identity module 1 is now in the state shown in FIG. 3(c) and contains a final parameter data record S3, comprising an individual subscriber identification IMSI and an individual, unique, final secret key Ki.
- the subscriber identity module 1 is now set up for continuous operation in the cellular network. Authentication messages are now created and sent with the final parameter data set S3, with the individual subscriber identification IMSI and the individual, unique, final secret key Ki.
- According to embodiments of the invention, the retrieval of the secret key Ki based on a provisional parameter data set S2, which includes an individual subscriber identification IMSI not yet registered with the mobile server 2 and a non-individual provisional secret key Ki-G, comprises two separate authentication steps (b1) (registration of the initially unknown individual IMSI) and (b2) (retrieval of the individual secret key Ki).
- the authentication cycle (b1)+(b2) shown for retrieving the secret key Ki is analogous to the authentication cycle shown in FIG. 3(b).
- the subscriber identity module 1 sends an authentication message N(S2) to a mobile radio server 2, which was formed with the individual subscriber identification IMSI not yet registered with the mobile radio server 2 and the non-individual provisional secret key Ki-G (i.e. with a provisional parameter data record S2).
- the mobile server 2 determines that the subscriber identification IMSI is unknown.
- the mobile server 2 verifies the non-individual temporary secret key Ki-G. If the non-individual provisional secret key Ki-G is positively verified, the provisional secret key Ki-G authorized by the mobile radio server 2 is recognized by the mobile radio server.
- the subscriber identification IMSI is registered as the now known subscriber identification IMSI at the mobile radio server 2 and the subscriber identification IMSI is informed of this (acknowledgment "OK").
- the subscriber identity module 1 sends a further authentication message N(S2) to the cellular server 2, which was formed using the individual subscriber identification IMSI that has now been registered with the cellular server 2 and the non-individual temporary secret key Ki-G (ie with a registered temporary parameter data set S2).
- the mobile radio server 2 determines that the subscriber identification IMSI is already registered.
- the mobile server 2 verifies the non-individual temporary secret key Ki-G. If the non-individual provisional secret key Ki-G is positively verified, the provisional secret key Ki-G authorized by the mobile radio server 2 is recognized by the mobile radio server.
- the mobile server 2 sends the final secret key Ki to the subscriber identity module 1.
- the final secret key Ki is registered with the mobile server 2 together with the already registered subscriber identification IMSI, with the result that the mobile server 2 for the subscriber identity module 1 now a final parameter data record, comprising a final subscriber identification IMSI and a final secret key Ki, is registered.
- FIG 5 shows an example of a plurality of provisional secret keys Ki-G1, Ki-G2, Ki-G3, ..., for several groups 1, 2, 3, ... of subscriber identity modules 1.
- Each subscriber identification IMSI or IMSI-G has an addition , which shows which group an IMSI belongs to.
- non-individual group subscriber identification 1-IMSI-G and individual individual subscriber identification 1-IMSI belong to group 1 with group secret key Ki-G1.
- 2-IMSI-G and 2-IMSI belong to group 2 with group secret key Ki-G2.
- 3-IMSI-G and 3-IMSI belong to group 3 with group secret key Ki-G3.
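The two-step cycle (b1)+(b2) and the group-key lookup of FIG. 5 can be simulated as follows. This is an added example, not code from the patent: the HMAC-SHA256 challenge/response, the `<group>-<digits>` IMSI layout, the server-side random generation of Ki and all class names, IMSIs and key values are assumptions or constructed sample data. Refusing the provisional data set once Ki has been issued models the restriction that S2 serves only to retrieve Ki.

```python
import hashlib
import hmac
import secrets

# Constructed sample keys: group number -> provisional group key Ki-G (as in FIG. 5).
GROUP_KEYS = {"1": b"constructed-Ki-G1", "2": b"constructed-Ki-G2", "3": b"constructed-Ki-G3"}


def response(key: bytes, imsi: str, challenge: bytes) -> bytes:
    """Assumed challenge/response primitive: HMAC-SHA256 over IMSI and challenge."""
    return hmac.new(key, imsi.encode() + b"|" + challenge, hashlib.sha256).digest()


class MobileRadioServer:
    def __init__(self, group_keys):
        self.group_keys = dict(group_keys)
        self.registered = set()  # IMSIs accepted in step (b1)
        self.final_keys = {}     # IMSI -> final Ki issued in step (b2)
        self.pending = {}        # IMSI -> outstanding challenge

    def challenge(self, imsi: str) -> bytes:
        self.pending[imsi] = secrets.token_bytes(16)
        return self.pending[imsi]

    def authenticate(self, imsi: str, resp: bytes):
        """Handle one authentication message N(S2); returns (status, payload)."""
        challenge = self.pending.pop(imsi, None)  # a challenge is valid once
        # Assumed IMSI layout "<group>-<digits>": the prefix selects Ki-G.
        key = self.group_keys.get(imsi.split("-", 1)[0])
        if challenge is None or key is None:
            return "REJECT", None
        if imsi in self.final_keys:
            # S2 only serves to fetch Ki; afterwards Ki-G is refused for this IMSI.
            return "REJECT", None
        if not hmac.compare_digest(resp, response(key, imsi, challenge)):
            return "REJECT", None
        if imsi not in self.registered:
            self.registered.add(imsi)  # (b1): unknown IMSI becomes known
            return "OK", None
        ki = secrets.token_bytes(16)   # (b2): assumed to be generated by the server
        self.final_keys[imsi] = ki
        # How Ki is protected in transit is outside this sketch.
        return "KI", ki


class SubscriberIdentityModule:
    def __init__(self, imsi: str, key: bytes):
        self.imsi = imsi
        self.key = key  # Ki-G (data set S2) until Ki is programmed (data set S3)

    def answer(self, challenge: bytes) -> bytes:
        return response(self.key, self.imsi, challenge)


def provision(sim, server):
    """Run the cycle (b1)+(b2); returns the server status of each step."""
    statuses = []
    for _ in range(2):
        challenge = server.challenge(sim.imsi)
        status, payload = server.authenticate(sim.imsi, sim.answer(challenge))
        statuses.append(status)
        if status == "REJECT":
            break
        if status == "KI":
            sim.key = payload  # program the final key into the module
    return statuses


if __name__ == "__main__":
    server = MobileRadioServer(GROUP_KEYS)
    sim = SubscriberIdentityModule("1-262019876543210", GROUP_KEYS["1"])  # constructed IMSI
    print("first provisioning:", provision(sim, server))
    # A second module presenting the same IMSI with Ki-G1 after Ki was issued.
    replay = SubscriberIdentityModule(sim.imsi, GROUP_KEYS["1"])
    print("provisional set reused:", provision(replay, server))
    # A module whose key does not match the group named in its IMSI.
    mismatch = SubscriberIdentityModule("1-262010000000002", GROUP_KEYS["2"])
    print("wrong group key:", provision(mismatch, server))
```

Because every module of a group holds the same Ki-G, the server-side state (registered IMSIs, issued keys, single-use challenges) is the only thing that separates one module from another during provisioning.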
Claims (14)
- Method for commissioning and personalizing a subscriber identity module (1) in a mobile radio network, wherein the subscriber identity module (1), before being commissioned for the first time in the mobile radio network, does not yet contain an individual, unique parameter data set (S3) comprising at least an individual subscriber identification (IMSI) and an individual secret key (Ki), and is provided with an individual, unique parameter data set (S3) only after or on the occasion of its first commissioning in the mobile radio network, characterized by the steps: a) providing a subscriber identity module (1) containing a provisional parameter data set (S2), which comprises: a1) a subscriber identification (IMSI) that is unique and individual to the subscriber identity module (1), and a2) a non-unique, non-individual provisional secret key (Ki-G) that is identical for a plurality of subscriber identity modules (1); b) providing a mobile radio server (2) which has a non-unique, non-individual provisional secret key (Ki-G), and, at the mobile radio server (2), carrying out the steps: b1) receiving an authentication message (N(S2)) formed by the subscriber identity module (1) with the individual, unique subscriber identification (IMSI) and with the non-unique, non-individual provisional secret key (Ki-G); b2) in response to receiving the authentication message (N(S2)), verifying the authentication message (N(S2)) according to predetermined criteria and, in the case of successful verification of the authentication message (N(S2)), sending a final, unique, individual secret key (Ki) to the subscriber identity module (1), for programming into the subscriber identity module (1).
- Method according to claim 1, further comprising the steps: before step a): c) providing a subscriber identity module (1) containing an initial parameter data set (S1), which contains: c1) a non-unique, non-individual initial subscriber identification (IMSI-G) that is identical for a plurality of subscriber identity modules (1), and c2) the non-unique, non-individual provisional secret key (Ki-G) that is identical for a plurality of subscriber identity modules (1), d) at the mobile radio server: d1) receiving an initial authentication message (N(S1)) formed by the subscriber identity module (1) with the non-unique, non-individual initial subscriber identification (IMSI-G) and with the non-unique, non-individual provisional secret key (Ki-G); d2) in response to receiving the initial authentication message (N(S1)), verifying the initial authentication message (N(S1)) according to predetermined criteria and, in the case of successful verification of the authentication message (N(S2)), sending the unique subscriber identification (IMSI), individual to the subscriber identity module (1), according to a1) to the subscriber identity module (1), for programming into the subscriber identity module (1); d3) programming the individual, unique subscriber identification (IMSI) into the subscriber identity module (1), and thereby establishing the provisional parameter data set (S2) according to a) in the subscriber identity module (2).
- Method according to claim 2, comprising the further step: e) combining, at least in the subscriber identity module (1), the individual, unique subscriber identification (IMSI) and the non-unique, non-individual provisional secret key (Ki-G) so as to obtain a provisional parameter data set (S2) designed to trigger, in a subsequent step, the sending of a final, unique, individual secret key (Ki) to the subscriber identity module (1) for programming into the subscriber identity module (1).
- Method according to one of claims 1 to 3, further comprising the step: b3) programming the final, individual, unique secret key (Ki) into the subscriber identity module (1) in order to provide the subscriber identity module (1) with the individual, unique parameter data set (S3).
- Method according to one of claims 1 to 4, wherein the provisional parameter data set (S2) according to a) - permits only a single authentication process with the subscriber identity module (1) by means of an authentication message (S2); and/or - permits only the sending of the final, individual, unique secret key (Ki) to the subscriber identity module (1), but not multiple or lasting use of the subscriber identity module (1) for sending authentication messages (N(S3)).
- Method according to one of claims 1 to 5, further comprising, following the steps of receiving according to b1 or d1 and of positive verification according to b2 or d2: - at the mobile radio server (2): registering the subscriber identification (IMSI) that is unique and individual to the subscriber identity module (1) as the final, unique subscriber identification (IMSI) assigned to the subscriber identity module (1).
- Method according to one of claims 1 to 6, - wherein several groups of subscriber identity modules are provided, each group comprising a plurality of subscriber identity modules (1), - wherein the provisional parameter data set (S2) contains, as the provisional secret key (Ki-G), a provisional group key from a plurality of group keys, - wherein each group is assigned its own group key (Ki-G) from the plurality of group keys, - wherein the mobile radio server (2) has all the group keys (Ki-G) of the plurality of group keys, and - wherein the individual, unique subscriber identification (IMSI) according to a1), and optionally the identical, non-unique, non-individual initial subscriber identification (IMSI-G) according to c1), contains group key information from which it can be derived to which group key (Ki-G) the subscriber identification (IMSI) is assigned.
- Method according to one of claims 1 to 7, wherein, in step b2), verifying the authentication message (N(S1); N(2)) according to predetermined criteria comprises the following sub-steps carried out at the mobile radio server (2): b2-1) extracting, from the authentication message (N(S1); N(2)), the non-unique, non-individual provisional secret key (Ki-G); b2-2) verifying the non-unique, non-individual provisional secret key (Ki-G) extracted according to b2-1).
- Method according to claim 8, further comprising the step: b2-3) in the case where, in step b2-2), the extracted non-unique, non-individual provisional secret key (Ki-G) is positively verified, evaluating the subscriber identification (IMSI) according to feature a1) as a valid subscriber identification (IMSI), b3-4) registering, at the mobile radio server (2), the subscriber identification (IMSI) deemed valid according to step b2-3) as a valid subscriber identification (IMSI).
- Method according to claim 9, wherein step b2) further comprises the steps carried out at the mobile radio server (2): b2-4) after step b3) of registering, at the mobile radio server (2), the subscriber identification (IMSI) deemed valid: receiving a second authentication message (N(S2)) formed by the subscriber identity module (1) with the individual, unique initial subscriber identification (IMSI) and with the non-unique, non-individual provisional secret key (Ki-G), b2-5) in response to receiving the second authentication message (N(S2)), verifying the second authentication message (N(S2)) according to predetermined criteria and, in the case of successful verification of the authentication message (N(S2)), sending the final, individual, unique secret key (Ki) to the subscriber identity module (1), for programming into the subscriber identity module (1).
- Method according to claim 10, wherein step b2-5), verifying the second authentication message (N(S2)) according to predetermined criteria, comprises the following sub-steps carried out at the mobile radio server (2): b2-5-1) extracting, from the second authentication message (N(S2)), the non-unique, non-individual provisional secret key (Ki-G), b2-5-2) verifying the non-unique, non-individual provisional secret key (Ki-G) extracted according to b2-5-1); b2-5-3) in the case where, in step b2-5-2), the extracted non-unique, non-individual provisional secret key (Ki-G) is positively verified, sending the final, individual, unique secret key (Ki) to the subscriber identity module (1), for programming into the subscriber identity module (1).
- Method according to one of claims 8 to 11, wherein the authentication according to step b2-2) or according to b2-5-2) is carried out by means of a challenge/response method.
- Method according to one of claims 1 to 11, further comprising the step: - registering, at the mobile radio server (2), the final, individual, unique secret key (Ki) as the final, individual, unique secret key (Ki) assigned to the subscriber identity module (1).
- Method according to one of claims 1 to 13, wherein the mobile radio server (2) is configured to carry out, for each individual, unique subscriber identification (IMSI) received according to step b1) in an authentication message (N(S2)), the verification of the authentication message (N(S2)) according to step b2), in particular without any need for the final, individual, unique subscriber identification (IMSI) to be already registered at the mobile radio server (2).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102017007790.8A DE102017007790A1 (de) | 2017-08-17 | 2017-08-17 | Verfahren zur Inbetriebnahme und Personalisierung eines Teilnehmeridentitätsmoduls |
PCT/EP2018/000402 WO2019034282A1 (fr) | 2017-08-17 | 2018-08-16 | Procédé de mise en service et de personnalisation d'un module d'identité de participant |
Publications (2)
Publication Number | Publication Date |
---|---|
EP3669562A1 (fr) | 2020-06-24 |
EP3669562B1 (fr) | 2022-10-26 |
Family
ID=63452595
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP18762763.3A Active EP3669562B1 (fr) | 2017-08-17 | 2018-08-16 | Procédé de mise en service et de personnalisation d'un module d'identité de participant |
Country Status (4)
Country | Link |
---|---|
US (1) | US10904759B2 (fr) |
EP (1) | EP3669562B1 (fr) |
DE (1) | DE102017007790A1 (fr) |
WO (1) | WO2019034282A1 (fr) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3113753B1 (fr) * | 2020-08-25 | 2023-05-12 | Idemia France | Procédé de vérification d’une carte à microcircuit, procédé de personnalisation d’une carte à microcircuit, carte à microcircuit et dispositif électronique associé |
US20220131847A1 (en) * | 2020-10-26 | 2022-04-28 | Micron Technology, Inc. | Subscription Sharing among a Group of Endpoints having Memory Devices Secured for Reliable Identity Validation |
CN113114659B (zh) * | 2021-04-08 | 2022-12-23 | 深圳市元征科技股份有限公司 | 诊断设备检测方法、装置、终端设备及存储介质 |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE19733662C2 (de) * | 1997-08-04 | 2001-05-23 | Deutsche Telekom Mobil | Verfahren und Vorrichtung zur kundenseitigen Personalisierung von GSM-Chips |
US7266371B1 (en) * | 2000-02-22 | 2007-09-04 | Cingular Wireless Ii, Llc | Activation and remote modification of wireless services in a packet network context |
SE528538C2 (sv) * | 2005-05-10 | 2006-12-12 | Smarttrust Ab | Säkert backup-system och förfarande i ett mobilt telekommunikationsnätverk |
US7725717B2 (en) * | 2005-08-31 | 2010-05-25 | Motorola, Inc. | Method and apparatus for user authentication |
DE102008024798A1 (de) | 2008-05-23 | 2009-12-17 | T-Mobile International Ag | Verfahren zur Over-The-Air Personalisierung von Chipkarten in der Telekommunikation |
DE102008025792A1 (de) * | 2008-05-29 | 2009-12-17 | T-Mobile International Ag | Personalisierung einer SIM mittels einer eindeutigen, personlisierten MasterSIM |
KR101683883B1 (ko) * | 2009-12-31 | 2016-12-08 | 삼성전자주식회사 | 이동 통신 시스템에서 보안을 지원하는 방법 및 시스템 |
US10360561B2 (en) * | 2010-12-14 | 2019-07-23 | Lime Light RM, Inc. | System and method for secured communications between a mobile device and a server |
GB2491889A (en) * | 2011-06-17 | 2012-12-19 | Sony Corp | Trial period cellular network connection with identity modules of multiple devices loaded with multiple identities from a shared pool |
EP2704467A1 (fr) | 2012-09-03 | 2014-03-05 | Alcatel Lucent | Personnalisation initiale de carte à puce avec génération locale de clés. |
DE102012020690A1 (de) * | 2012-10-22 | 2014-04-24 | Giesecke & Devrient Gmbh | Verfahren zum Einbringen von Teilnehmeridentitätsdaten in ein Teilnehmeridentitätsmodul |
US9615250B2 (en) * | 2014-12-16 | 2017-04-04 | Microsoft Technology Licensing, Llc | Subscriber identification module pooling |
CN108345782B (zh) * | 2017-01-25 | 2021-02-12 | 杨建纲 | 智能型硬件安全载具 |
2017
- 2017-08-17 DE DE102017007790.8A patent/DE102017007790A1/de not_active Withdrawn
2018
- 2018-08-16 EP EP18762763.3A patent/EP3669562B1/fr active Active
- 2018-08-16 WO PCT/EP2018/000402 patent/WO2019034282A1/fr unknown
- 2018-08-16 US US16/635,845 patent/US10904759B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
DE102017007790A1 (de) | 2019-02-21 |
US10904759B2 (en) | 2021-01-26 |
US20200228983A1 (en) | 2020-07-16 |
EP3669562A1 (fr) | 2020-06-24 |
WO2019034282A1 (fr) | 2019-02-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2283666B1 (fr) | Procédé de personnalisation de cartes à puce par radiocommunication en télécommunication | |
EP2910039B1 (fr) | Procédé pour introduire des données d'identité d'abonné dans un module d'identités d'abonné | |
EP3669562B1 (fr) | Procédé de mise en service et de personnalisation d'un module d'identité de participant | |
EP2235978A1 (fr) | Procédé pour gérer l'autorisation d'accès relative à des téléphones mobiles sans carte sim | |
EP3288240B1 (fr) | Serveur de profil destine a mettre a disposition un profil de communications pour la communication par l'intermediaire d'un reseau de communication | |
DE102011076414A1 (de) | Wechsel von Subskriptionsdaten in einem Identifizierungsmodul | |
DE102006024041B4 (de) | Verfahren zum Personalisieren eines Sicherheitsmoduls eines Telekommunikations-Endgerätes | |
DE102020003275B3 (de) | Personalisierung eines Secure Element | |
DE102011076415A1 (de) | Wechsel der Subskription in einem Identifizierungsmodul | |
EP2103080B1 (fr) | Vérification de fonctions d'authentification | |
EP2688327B1 (fr) | Activation de données d'identité de participants | |
EP2697989A1 (fr) | Procédé et système de transmission de données à un module d'identification dans un terminal de radiotéléphonie mobile | |
WO2015018510A2 (fr) | Procédé et dispositifs de changement de réseau de téléphonie mobile | |
WO2014117939A1 (fr) | Procédé d'accès à un service d'un serveur par l'intermédiaire d'une application d'un terminal | |
DE102011009486A1 (de) | Verfahren zum Konfigurieren eines Kommunikationsgerätes sowie Kommunikationsgerät | |
EP3235275B1 (fr) | Graver une identite dans un element sur | |
DE102016004735A1 (de) | IMEI Speicherung | |
EP3360355B1 (fr) | Limitation du nombre de téléchargements d'un profil d'abonné pour une carte euicc | |
EP3085134B1 (fr) | Procédé et dispositifs de gestion de souscriptions sur un élément de sécurité | |
EP2723113A1 (fr) | Procédé destiné au fonctionnement d'un module de sécurité | |
EP3111679A1 (fr) | Procédé de gestion à distance d'un élément de données mémorisé sur un élément de sécurité | |
DE102015000693A1 (de) | Verfahren und Vorrichtungen zum Bereitstellen eines Subskriptionsprofils auf einem mobilen Endgerät | |
DE102011122874A1 (de) | Verfahren zur Initialisierung und/oder Aktivierung wenigstens eines Nutzerkontos, zum Durchführen einer Transaktion, sowie Endgerät |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: UNKNOWN |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
| PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
| 17P | Request for examination filed | Effective date: 20200317 |
| AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
| AX | Request for extension of the european patent | Extension state: BA ME |
| DAV | Request for validation of the european patent (deleted) | |
| DAX | Request for extension of the european patent (deleted) | |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: EXAMINATION IS IN PROGRESS |
| 17Q | First examination report despatched | Effective date: 20210520 |
| GRAP | Despatch of communication of intention to grant a patent | Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: GRANT OF PATENT IS INTENDED |
| RIC1 | Information provided on ipc code assigned before grant | Ipc: H04W 12/40 20210101ALN20220504BHEP Ipc: H04W 12/06 20090101ALN20220504BHEP Ipc: H04W 8/18 20090101ALN20220504BHEP Ipc: H04W 12/30 20210101ALI20220504BHEP Ipc: H04W 12/0431 20210101ALI20220504BHEP Ipc: H04W 8/26 20090101AFI20220504BHEP |
| INTG | Intention to grant announced | Effective date: 20220527 |
| GRAS | Grant fee paid | Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
| GRAA | (expected) grant | Free format text: ORIGINAL CODE: 0009210 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE PATENT HAS BEEN GRANTED |
| AK | Designated contracting states | Kind code of ref document: B1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
| REG | Reference to a national code | Ref country code: GB Ref legal event code: FG4D Free format text: NOT ENGLISH |
| REG | Reference to a national code | Ref country code: CH Ref legal event code: EP |
| REG | Reference to a national code | Ref country code: DE Ref legal event code: R096 Ref document number: 502018010926 Country of ref document: DE |
| REG | Reference to a national code | Ref country code: AT Ref legal event code: REF Ref document number: 1527970 Country of ref document: AT Kind code of ref document: T Effective date: 20221115 |
| REG | Reference to a national code | Ref country code: IE Ref legal event code: FG4D Free format text: LANGUAGE OF EP DOCUMENT: GERMAN |
| REG | Reference to a national code | Ref country code: LT Ref legal event code: MG9D |
| REG | Reference to a national code | Ref country code: NL Ref legal event code: MP Effective date: 20221026 |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: NL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230227 Ref country code: NO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230126 Ref country code: LT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: ES Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 |
| RAP4 | Party data changed (patent owner data changed or rights of a patent transferred) | Owner name: GIESECKE+DEVRIENT MOBILE SECURITY GMBH |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: RS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: LV Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230226 Ref country code: HR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20230127 |
| P01 | Opt-out of the competence of the unified patent court (upc) registered | Effective date: 20230520 |
| REG | Reference to a national code | Ref country code: DE Ref legal event code: R097 Ref document number: 502018010926 Country of ref document: DE |
| REG | Reference to a national code | Ref country code: DE Ref legal event code: R081 Ref document number: 502018010926 Country of ref document: DE Owner name: GIESECKE+DEVRIENT EPAYMENTS GMBH, DE Free format text: FORMER OWNER: GIESECKE+DEVRIENT MOBILE SECURITY GMBH, 81677 MUENCHEN, DE |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: SM Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: EE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 Ref country code: AL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 |
| PLBE | No opposition filed within time limit | Free format text: ORIGINAL CODE: 0009261 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
| RAP4 | Party data changed (patent owner data changed or rights of a patent transferred) | Owner name: GIESECKE+DEVRIENT EPAYMENTS GMBH |
| 26N | No opposition filed | Effective date: 20230727 |
| PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] | Ref country code: GB Payment date: 20230824 Year of fee payment: 6 |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: SI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 |
| PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] | Ref country code: FR Payment date: 20230821 Year of fee payment: 6 Ref country code: DE Payment date: 20230831 Year of fee payment: 6 |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: MC Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20221026 |
| REG | Reference to a national code | Ref country code: CH Ref legal event code: PL |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20230816 |
| PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] | Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20230816 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20230831 |
| REG | Reference to a national code | Ref country code: BE Ref legal event code: MM Effective date: 20230831 |
| REG | Reference to a national code | Ref country code: IE Ref legal event code: MM4A |